Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2895)
{
unsigned char hashval[EVP_MAX_MD_SIZE];
size_t hashlen = 0;
{
unsigned char hashval[EVP_MAX_MD_SIZE];
size_t hashlen = 0;
- unsigned char msghdr[SSL3_HM_HEADER_LENGTH] = {
- SSL3_MT_MESSAGE_HASH,
- 0,
- 0,
- 0
- };
+ unsigned char msghdr[SSL3_HM_HEADER_LENGTH];
+
+ memset(msghdr, 0, sizeof(msghdr));
/* Get the hash of the initial ClientHello */
if (!ssl3_digest_cached_records(s, 0)
/* Get the hash of the initial ClientHello */
if (!ssl3_digest_cached_records(s, 0)
return 0;
/* Inject the synthetic message_hash message */
return 0;
/* Inject the synthetic message_hash message */
+ msghdr[0] = SSL3_MT_MESSAGE_HASH;
msghdr[SSL3_HM_HEADER_LENGTH - 1] = hashlen;
if (!ssl3_finish_mac(s, msghdr, SSL3_HM_HEADER_LENGTH)
|| !ssl3_finish_mac(s, hashval, hashlen)) {
msghdr[SSL3_HM_HEADER_LENGTH - 1] = hashlen;
if (!ssl3_finish_mac(s, msghdr, SSL3_HM_HEADER_LENGTH)
|| !ssl3_finish_mac(s, hashval, hashlen)) {
- /* TLSv1.3 defines that a ClientHello must end on a record boundary */
+ /* TLSv1.3 specifies that a ClientHello must end on a record boundary */
if (SSL_IS_TLS13(s) && RECORD_LAYER_processed_read_pending(&s->rlayer)) {
*al = SSL_AD_UNEXPECTED_MESSAGE;
SSLerr(SSL_F_TLS_EARLY_POST_PROCESS_CLIENT_HELLO,
if (SSL_IS_TLS13(s) && RECORD_LAYER_processed_read_pending(&s->rlayer)) {
*al = SSL_AD_UNEXPECTED_MESSAGE;
SSLerr(SSL_F_TLS_EARLY_POST_PROCESS_CLIENT_HELLO,
projects / openssl.git / commitdiff